1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
|
#https://github.com/containers/common/blob/main/pkg/config/containers.conf
[containers]
#annotations = []
#apparmor_profile = "container-default"
#base_hosts_file = ""
#cgroup_conf = []
cgroupns = "private"
cgroups = "enabled"
netns = "private"
#pidns = "private"
#userns = "host"
#utsns = "private"
#seccomp_profile = "/usr/share/containers/seccomp.json"
#shm_size = "65536k"
default_capabilities = [
"CHOWN",
"DAC_OVERRIDE",
"FOWNER",
"FSETID",
"KILL",
"NET_BIND_SERVICE",
"SETFCAP",
"SETGID",
"SETPCAP",
"SETUID",
"SYS_CHROOT"
]
default_sysctls = [
"net.ipv4.ping_group_range=0 0",
]
#devices = []
#dns_options = []
#dns_searches = []
#dns_servers = []
#env = [
# "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
#]
#env_host = false
#host_containers_internal_ip = ""
#http_proxy = true
#init = false
#ipcns = "shareable"
#keyring = true
#label = true
#label_users = false
#log_driver = "k8s-file"
#log_size_max = -1
#log_tag = ""
#mounts = []
#prepare_volume_on_create = false
#privileged = false
#read_only = false
#seccomp_profile = "/usr/share/containers/seccomp.json"
#tz = ""
#umask = "0022"
#volumes = []
[secrets]
#driver = "file"
[secrets.opts]
#root = "/example/directory"
[network]
network_backend = "netavark"
#netavark_plugin_dirs = [
# "/usr/local/libexec/netavark",
# "/usr/libexec/netavark",
# "/usr/local/lib/netavark",
# "/usr/lib/netavark",
#]
#firewall_driver = "none"
network_config_dir = "/etc/containers/networks/"
default_network = "podman"
#default_subnet = "10.88.0.0/16"
#default_subnet_pools = [
# {"base" = "10.89.0.0/16", "size" = 24},
# {"base" = "10.90.0.0/15", "size" = 24},
# {"base" = "10.92.0.0/14", "size" = 24},
# {"base" = "10.96.0.0/11", "size" = 24},
# {"base" = "10.128.0.0/9", "size" = 24},
#]
default_rootless_network_cmd = "slirp4netns"
#dns_bind_port = 53
[engine]
#add_compression = ["gzip", "zstd", "zstd:chunked"]
#compat_api_enforce_docker_hub = true
#compose_providers=[]
#compose_warning_logs = true
#compression_format = "gzip"
#compression_level = 5
cgroup_manager = "cgroupfs"
conmon_path = [ "/usr/bin/conmon" ]
#conmon_env_vars = [
# "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
#]
#database_backend = ""
#detach_keys = "ctrl-p,ctrl-q"
#enable_port_reservation = true
#env = []
#events_logfile_path=""
#events_logfile_max_size = "1m"
events_logger = "none"
#events_container_create_inspect_data = false
#image_default_format = ""
#image_default_transport = "docker://"
#image_parallel_copies = 0
#image_volume_mode = ""
#infra_command = "/pause"
#infra_image = ""
#lock_type = "shm"
#multi_image_archive = false
#namespace = ""
network_cmd_path = "/usr/bin/slirp4netns"
#network_cmd_options = []
#no_pivot_root = false
#num_locks = 2048
#pod_exit_policy = "continue"
#pull_policy = "missing"
#remote = false
runtime = "crun"
runtime_supports_json = ["crun", "runc", "kata", "runsc", "youki", "krun", "uxc"]
#runtime_supports_kvm = ["kata", "krun"]
#runtime_supports_nocgroups = ["crun", "krun", "uxc"]
#service_timeout = 5
#stop_timeout = 10
#exit_command_delay = 300
#static_dir = "/var/lib/containers/storage/libpod"
tmp_dir = "/var/run/libpod"
#volume_path = "/var/lib/containers/storage/volumes"
#volume_plugin_timeout = 5
#podmansh_timeout = 30
[engine.runtimes]
crun = [
"/usr/bin/crun",
]
runc = [
"/usr/sbin/runc",
]
uxc = [
"/sbin/uxc",
]
[engine.volume_plugins]
#testplugin = "/run/podman/plugins/test.sock"
[machine]
#cpus = 1
#disk_size = 10
#image = "testing"
#memory = 2048
#user = "core"
#volumes = [
# "$HOME:$HOME",
#]
#provider = ""
[farms]
#[farms.list]
|